Merge pull request #2133 from ethereum/allow-path

Support --allow-path in the CLI
This commit is contained in:
chriseth 2017-04-20 18:03:47 +02:00 committed by GitHub
commit 6468955fb1
3 changed files with 19 additions and 1 deletions

View File

@ -2,6 +2,8 @@
Features:
* Support ``interface`` contracts.
* Commandline interface: Support ``--allow-paths`` to define trusted import paths. Note: the
path(s) of the supplied source file(s) is always trusted.
Bugfixes:
* Type system: Contract inheriting from base with unimplemented constructor should be abstract.

View File

@ -29,6 +29,8 @@ files reside, so things like ``import "/etc/passwd";`` only work if you add ``=/
If there are multiple matches due to remappings, the one with the longest common prefix is selected.
For security reasons the compiler has restrictions what directories it can access. Paths (and their subdirectories) of source files specified on the commandline and paths defined by remappings are allowed for import statements, but everything else is rejected. Additional paths (and their subdirectories) can be allowed via the ``--allow-paths /sample/path,/another/sample/path`` switch.
If your contracts use :ref:`libraries <libraries>`, you will notice that the bytecode contains substrings of the form ``__LibraryName______``. You can use ``solc`` as a linker meaning that it will insert the library addresses for you at those points:
Either add ``--libraries "Math:0x12345678901234567890 Heap:0xabcdef0123456"`` to your command to provide an address for each library or store the string in a file (one library per line) and run ``solc`` using ``--libraries fileName``.

View File

@ -102,6 +102,7 @@ static string const g_strSrcMapRuntime = "srcmap-runtime";
static string const g_strVersion = "version";
static string const g_stdinFileNameStr = "<stdin>";
static string const g_strMetadataLiteral = "metadata-literal";
static string const g_strAllowPaths = "allow-paths";
static string const g_argAbi = g_strAbi;
static string const g_argAddStandard = g_strAddStandard;
@ -131,6 +132,7 @@ static string const g_argSignatureHashes = g_strSignatureHashes;
static string const g_argVersion = g_strVersion;
static string const g_stdinFileName = g_stdinFileNameStr;
static string const g_argMetadataLiteral = g_strMetadataLiteral;
static string const g_argAllowPaths = g_strAllowPaths;
/// Possible arguments to for --combined-json
static set<string> const g_combinedJsonArgs{
@ -533,7 +535,12 @@ Allowed options)",
"Switch to linker mode, ignoring all options apart from --libraries "
"and modify binaries in place."
)
(g_argMetadataLiteral.c_str(), "Store referenced sources are literal data in the metadata output.");
(g_argMetadataLiteral.c_str(), "Store referenced sources are literal data in the metadata output.")
(
g_argAllowPaths.c_str(),
po::value<string>()->value_name("path(s)"),
"Allow a given path for imports. A list of paths can be supplied by separating them with a comma."
);
po::options_description outputComponents("Output Components");
outputComponents.add_options()
(g_argAst.c_str(), "AST of all source files.")
@ -601,6 +608,13 @@ Allowed options)",
bool CommandLineInterface::processInput()
{
if (m_args.count(g_argAllowPaths))
{
vector<string> paths;
for (string const& path: boost::split(paths, m_args[g_argAllowPaths].as<string>(), boost::is_any_of(",")))
m_allowedDirectories.push_back(boost::filesystem::path(path));
}
readInputFilesAndConfigureRemappings();
if (m_args.count(g_argLibraries))